Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-37731

Опубликовано: 15 дек. 2025
Источник: debian
EPSS Низкий

Описание

Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
elasticsearchremovedpackage

EPSS

Процентиль: 9%
0.00033
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-37731

CVSS3: 6.8
ubuntu
около 2 месяцев назад

Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.

nvd логотип

CVE-2025-37731

CVSS3: 6.8
nvd
около 2 месяцев назад

Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.

msrc логотип

CVE-2025-37731

msrc
около 2 месяцев назад

Elasticsearch Improper Authentication

github логотип

GHSA-m9gh-789g-q5pv

CVSS3: 6.8
github
около 2 месяцев назад

Elasticsearch PKI Realm Authentication Bypass Vulnerability Allows User Impersonation Through Crafted Client Certificates

EPSS

Процентиль: 9%
0.00033
Низкий